Mad Magazine, the NSA and Chinese Army Hackers

A quick follow-up to yesterday’s post, continuing the “Jeez, you just can’t keep a good secret anymore” meme for the week.  If you follow politics or business news you may have seen lots (and lots and lots) of headlines lately regarding US economic losses, political wrangling and business executives’ hand-wringing over enormous, far-reaching and, by all accounts, incredibly effective Chinese hacking and cyber penetration of American companies, research labs and government agencies.  (The operation names read like a list of B-grade spy movies; feel free to read about “Operation Shady Rat” or “Byzantine Foothold” for some eye-opening facts and figures if this stuff isn’t your normal beat.)


Recently, there was great sturm und drang after the folks over at Mandiant produced a very detailed and revealing public report about just how big, bad, widespread and effective these efforts have been (which wasn’t entirely news to those in the know), and much more interestingly, great specifics on how it was done, and by whom, (which was).


A division of the Chinese People’s Liberation Army known by the not-entirely-inspirational moniker of “PLA Unit 61398” has since been the topic of much discussion in the press, the government and the security community.  (Not that a sexy moniker is all that important I suppose.  I hear it’s a great place to work with great benefits.  You can read one of their recruiting notices here if you’d like – see aforementioned “Jeez, can’t anybody keep a secret anymore?” discussion.)


Not to be outdone, (and in a piece that made me feel a bit like I was seeing a media version of the old Spy vs. Spy cartoons) FP just published a story headlined “Inside the NSA’s Ultra-Secret China Hacking Group”.  When the article includes a description of the inside of the building and the door into the room housing said “Ultra-Secret” unit, I’m pretty sure the folks who work there had a pretty significant hand in un-secreting it.


Still, given that the Chinese have long said they have their own mountains of data that we’ve been doing the same to them, perhaps this was just a timely PR use of information that, like Unit 61398, was about to enter the public conversation anyway.  The more I think about it, the more resonant that old cartoon strip seems.  They do it to us.  We do it to them.  Both sides know it, and the game goes on.  My guess is that what is a little bit different now is that both sides have to learn to play a game of shadows on a field that’s far more brightly lit than ever before.

IMO, China’s welcome to lead the world in some things…

A week or so ago, I noted, via an awesome slide from Bit9 Security, that Chinese hackers are just workin’ stiffs like the rest of us.  Then I had a quick piece noting that even here in the West we see increasing indications they face some of the same concerns we do with regard to the trouble of keeping information bottled up.  (This was further emphasized today by the stories, backed by pretty strong evidence, claiming that a hacker going by “Hardcore Charlie” has penetrated China Electronics Import & Export Corporation or “CEIEC”, China North Industries Corporation, WanBao Mining, and others.)

Well, today, (OK it was actually Friday, but apparently I forgot to hit “Publish” before I sat down to dinner on Friday) another in the trickle of “China has now surpassed the US” stories, and this one they’re welcome to.

The Anti-Phishing Working Group reported today that China’s Taobao.com e-commerce site “Surpasses PayPal as the World’s Most Phished Brand”. Seems not even the (I should say alleged) world leaders in the theft of sensitive information are immune to even the simplest forms of stealing sensitive data. This includes both intentional doxxing like Hardcore Charlie’s, and the inadvertent revelations that simply can’t be stopped in a world full of camera phones and Twitter (and Weibo) accounts.  (See the TV documentary that caught Chinese army personnel using click-to-play cyber attack tools in the background as a fun example.)

Being trained in macroeconomics and generally favoring the Darwinian benefits of competition, I have to say this is one crown I’m happy to hand over.

Thanks again to the APWG for some very useful stats and reporting in today’s release.  Full report is at:

http://apwg.org/reports/APWG_GlobalPhishingSurvey_2H2011.pdf

Disclaimer: The views expressed on this blog are mine alone, and do not represent the views, policies or positions of Cyveillance, Inc. or its parent, QinetiQ-North America.  I speak here only for myself and no postings made on this blog should be interpreted as communications by, for or on behalf of, Cyveillance (though I may occasionally plug the extremely cool work we do and the fascinating, if occasionally frightening, research we openly publish.)

Social Media and the Military – keeping secrets keeps getting harder

I work with a group of fantastic Open Source Intelligence (OSINT) analysts.  One of them, who both reads this blog and knows I’m a pilot/airplane junkie, sent over this link under the heading of “Digital Water in China?”.  It talks about how, days before it ever made the Western press, the first confirmed sighting/evidence for a Chinese fifth generation fighter came not from the massive US intelligence apparatus but from a cell phone camera hung out a car window and posted to a Chinese military fanboy forum.

Now I recognize that China has an infamous, massive and essentially limitless-budget Web censorship program, which might well lead one to conclude that this evidence was found online because it was allowed to stay online. China decided it was time to let the world know so they intentionally let the drip-drip-drip start ahead of the (blatant thumbing-of-the-nose) first flight while Defense Secretary Robert Gates was in town.

Still, I happened to get this email the same week that LinkedIn discussions introduced me to both www.nosi.org (a naval OSINT blog maintained by, of all people, a physician) and osgeoint.blogspot.com, a blog both discussing and analyzing publicly available geospatial intelligence.  There are many more like these of course, but it’s still amazing that on any given day you can now read posts by people who (for free, by the way) identify ships, spot aircraft and analyze other military assets from Google Earth or satellite imagery. We can learn about ship construction from employees’ blogs, twitpics from dog-walkers and minutes from town meetings.  And let us not forget the first person to (albeit unknowingly) inform the world about the raid that killed Bin Laden: a Pakistani programmer up late writing code who tweeted about the ruckus happening a few hundred yards away.

Look down the road another ten years at everything from augmented reality goggles to the questions raised for law enforcement and espionage by Facebook’s facial recognition.  I don’t know exactly what will and won’t be possible, but it certainly seems to me that keeping ANYTHING, from Special Ops that last an hour to weapons programs that run decades, secret is going to get a lot harder.  From the intentional wiki-leaking to the inadvertent disclosure, the Digital Water is pushing and probing, finding its way out through the cracks and crevices.  I suppose I take some comfort from the J-20 Stealth Fighter story, at least in knowing our likely adversaries will have to tangle with the same problems.

